BugTraq Mode:
Facebook API v2.1 - RFC6749 Open Redirect Vulnerability 2016-10-11
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Facebook API v2.1 - RFC6749 Open Redirect Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1972

Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2016/10/10/facebook-api-v21-hit-rfc6749-

Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities 2016-10-11
admin (at) evolution-sec (dot) com [email concealed] (admin evolution-sec com)
Document Title:
===============
Contenido v4.9.11 - (Backend) Multiple XSS Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1928

Release Date:
=============
2016-10-10

Vulnerability Laboratory ID (VL-ID):
============================

[SEARCH-LAB advisory] AVTECH IP Camera, NVR, DVR multiple vulnerabilities 2016-10-11
Gergely Eberhardt (gergely eberhardt search-lab hu)
Avtech devices multiple vulnerabilities

--------------------------------------------------

Platforms / Firmware confirmed affected:
- Every Avtech device (IP camera, NVR, DVR) and firmware version. [4]
contains the list of confirmed firmware versions, which are affected.
- Product page: http://www

SEC Consult SA-20161011-0 :: XXE vulnerability in RSA Enterprise Compromise Assessment Tool (ECAT) 2016-10-11
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20161011-0 >
=======================================================================
title: XML External Entity Injection (XXE)
product: RSA Enterprise Compromise Assessment Tool (ECAT)
vulnerable version: 4.1.0.1
fix

[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-11
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-043
Product: Microsoft Wireless Desktop 2000
Manufacturer: Microsoft
Affected Version(s): Ver. A
Tested Version(s): Ver. A
Vulnerability Type: Cryptographic Issues (CWE-310)
Insufficient Protection against Re

[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-10
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-043
Product: Microsoft Wireless Desktop 2000
Manufacturer: Microsoft
Affected Version(s): Ver. A
Tested Version(s): Ver. A
Vulnerability Type: Cryptographic Issues (CWE-310)
Insufficient Protection against Re

Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348] 2016-10-10
Nightwatch Cybersecurity Research (research nightwatchcybersecurity com)
Original at:
https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/

Summary

Android devices can be crashed remotely forcing a halt and then a soft
reboot by a MITM attacker manipulating assisted GPS/GNSS data provided
by Qualcomm. This issue affects the open source code in A

[SYSS-2016-068] Fujitsu Wireless Keyboard Set LX901 - Cryptographic Issues (CWE-310), Missing Protection against Replay Attacks 2016-10-10
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-068
Product: Wireless Keyboard Set LX901
Manufacturer: Fujitsu
Affected Version(s): Model No. GK900
Tested Version(s): Model No. GK900
Vulnerability Type: Cryptographic Issues (CWE-310)
Missing Protection aga

[SYSS-2016-033] Microsoft Wireless Desktop 2000 - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key) 2016-10-10
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-033
Product: Microsoft Wireless Desktop 2000
Manufacturer: Microsoft
Affected Version(s): Ver. A
Tested Version(s): Ver. A
Vulnerability Type: Insufficient Protection of Code (Firmware) and
Data (Cryptograph

Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability 2016-10-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1850

Cyberoam ID: #1059276
Security ID: NCR-2064

Release Date:
=============
2016-10-04

Vulnerability Labor

Clean Master v1.0 - Unquoted Path Privilege Escalation 2016-10-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Clean Master v1.0 - Unquoted Path Privilege Escalation

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1968

Release Date:
=============
2016-10-05

Vulnerability Laboratory ID (VL-ID):
===============================

Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20161005-dhcp2

Revision: 1.0

For Public Release: 2016 October 5 16:00 GMT

+----------------------------------------------

Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20161005-dhcp1

Revision: 1.0

For Public Release: 2016 October 5 16:00 GMT

+------------------------------------------------

Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability

Advisory ID: cisco-sa-20161005-nxaaa

Revision: 1.0

For Public Release: 2016 October 5 16:00 GMT

+--------------------

Cisco Security Advisory: Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability 2016-10-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability

Advisory ID: cisco-sa-20161005-bgp

Revision 1.0

For Public Release 2016 October 5 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
===

[security bulletin] HPSBGN03639 rev.1 - HPE KeyView, Remote Code Execution 2016-10-05
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05297477

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05297477
Version: 1

HPSBGN03639 rev.1 - HPE KeyV

KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial of Service 2016-10-05
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial
of Service

Title: Cisco Firepower Threat Management Console Authenticated Denial of Service
Advisory ID: KL-001-2016-004
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-0

KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL Credentials 2016-10-05
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL
Credentials

Title: Cisco Firepower Threat Management Console Hard-coded MySQL Credentials
Advisory ID: KL-001-2016-005
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-201

[SECURITY] [DSA 3688-1] nss security update 2016-10-05
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3688-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
October 05, 2016

[SECURITY] [DSA 3687-1] nspr security update 2016-10-05
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3687-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
October 05, 2016

September 2016 - HipChat Plugin for various products - Critical Security Advisory 2016-10-06
David Black (dblack atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the following advisory pages:

* Bitbucket Server - https://confluence.atlassian.com/x/0QkcMg
* Confluence - https://confluence.atlassian.com/x/yIGbMg
* JIRA - https://confluence.atlassian.com/x/w4GbMg

CVE ID:
* CVE-2016-6668 - T

ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities 2016-10-04
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities

EMC Identifier: ESA-2016-121

CVE Identifier: CVE-2016-6645, CVE-2016-6646

Severity Rating: CVSS v3 Base Score: See below for individual CVE

ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability 2016-10-04
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability

EMC Identifier: ESA-2016-063

CVE Identifier: CVE-2016-0913

Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:

Serimux SSH Console Switch v2.4 - Multiple Cross Site Vulnerabilities 2016-10-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Serimux SSH Console Switch v2.4 - Multiple Cross Site Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1942

Release Date:
=============
2016-10-04

Vulnerability Laboratory ID (VL-ID):
================

AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit 2016-10-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1966

Release Date:
=============
2016-10-04

Vulnerability Laboratory ID (VL-ID):
===========================

TeempIp XSS Cookie Theft 2016-10-03
apparitionsec gmail com
[+] Credits: hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/TEEMIP-XSS-COOKIE-THEFT.txt

[+] ISR: ApparitionSec

Vendor:
===============
www.combodo.com

Product:
==============
TeemIp v2.0.2

Offer your customers a professional and eco

[SECURITY] [DSA 3684-1] libdbd-mysql-perl security update 2016-10-03
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3684-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Florian Weimer
October 03, 2016

[SECURITY] [DSA 3681-2] wordpress regression update 2016-10-01
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3681-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
October 01, 2016

CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-01
Dawid Golunski (dawid legalhackers com)
CVE: CVE-2016-1240
Vulnerability: Tomcat packaging on Debian-based distros - Local Root
Privilege Escalation
Affected packages: Tomcat 6/7/8 deb packages (up to 8.0.36-2)
Systems affected: Debian & Ubuntu & possibly others (using the
affected deb packages)

Discovered by:
Dawid Golunski (http://lega

Multiple exposures in Sophos UTM 2016-09-30
Tim Schughart (t schughart prosec-networks com)
Hello @all,

together with my colleague we found two uncritical vulnerabilities you'll find below.

Product: Sophos UTM
Vendor: Sophos ltd.

Internal reference: ? (Bug ID)
Vulnerability type: Information Disclosure
Vulnerable version: 9.405-5, 9.404-5 and possible other versions affected (not test

Copyright 2010, SecurityFocus